Higher-Order Conditional Term Rewriting. In this paper, we extend the notions of rst-order conditional rewrite systems

Transcription

1 Higher-Order Conditional Term Rewriting in the L Logic Programming Language Preliminary Results Amy Felty AT&T Bell Laboratories 600 Mountain Avenue Murray Hill, NJ Abstract In this paper, we extend the notions of rst-order conditional rewrite systems and higher-order rewrite systems to obtain higher-order conditional rewriting. Such rewrite systems can be used to directly express many operations in theorem proving and functional programming. We then illustrate that these rewrite systems can be naturally specied and implemented in a higher-order logic programming language. This paper was presented at the Third International Workshop on Extensions of Logic Programming, February Introduction Higher-order rewrite systems extend rst-order rewrite systems and provide a mechanism for reasoning about equality in languages that include notions of bound variables [1, 9, 12, 5]. First-order conditional rewrite systems extend rstorder rewrite systems, providing more expressive power by allowing conditions to be placed on rewrite rules [2, 8]. Such conditions must be satised before a particular rewrite can be applied. In this paper, we extend these two notions to dene higher-order conditional rewriting. We extend rst-order conditional rewriting to the higher-order case in a manner that can be viewed as analogous to the way that Nipkow [12] and Felty [5] extend rst-order rewriting to the higherorder case. We use the simply typed -calculus as the language for expressing rules, with a restriction on the occurrences of free variables so that matching of terms with rewrite templates is decidable. Conditions will be expressed in a logic, called E, which extends this restriction on free variables to variables bound by quantication. We then show how such rewrite systems can be specied and implemented in a higher-order logic programming language whose logical foundation is L [10], a variant of E. This language replaces rst-order terms in traditional languages such as Prolog with simply typed -terms, and rst-order unication with a simple and decidable subcase of higher-order unication, called 0 - unication. The rules of a higher-order rewrite system can be directly specied

2 in this language, and unication is directly available for matching terms with rewrite templates. Our extended language also permits queries and the bodies of clauses to be both implications and universally quantied. These operations are essential for applying rewrite and congruence rules to descend through terms in order to apply rewrite rules to subterms. The programs presented here have been tested in the logic programming language Prolog which is more general than the language L used in this paper. In Section 2 we dene L and E, the metalanguages for logic programming and for expressing rewriting, respectively. In Section 3, we dene conditional higher-order rewrite systems using this metalanguage. In Section 4 we describe an interpreter for the logic programming language, and in Section 5 we illustrate by example how rewrite systems can be specied in this language. Finally, Section 6 concludes. 2 A Metalanguage for Rewriting The terms of the metalanguage are the simply typed -terms. We present the notation used here and some basic properties. See Hindley and Seldin [7] for a fuller discussion. We assume a xed set of primitive types. The set of types is the smallest set of expressions that contains the primitive types and is closed under the construction of function types, denoted by the binary, inx symbol!. The Greek letter is used as a syntactic variable ranging over types. The type constructor! associates to the right. For each type, we assume that there are denumerably many constants and variables of that type. Constants and variables do not overlap and if two constants (variables) have dierent types, they are dierent constants (variables). To make the type of constant a explicit, we often write a:. We often speak of a xed signature or a nite set of constants and variables, usually denoted. Simply typed -terms are built in the usual way using constants, variables, applications, and abstractions. If M is a term and x 1 ; : : :; x n are distinct variables, we often write x n :M for x 1 : : :x n :M and Mx n for Mx 1 : : :x n. For a term M of type 1!! n! 0 where n 0 and 0 is primitive, we say that n is the arity of M. In a term of the form hm 1 : : : M n where n 0 and h is a constant or variable, we say that h is the head of this term. If x is a variable and M is a term of the same type then [M=x] denotes the operation of substituting M for all free occurrences of x, systematically changing bound variables in order to avoid variable capture. We shall assume that the reader is familiar with the usual notions and properties of substitution and,, and conversion for the simply typed -calculus. Here, equality between -terms is taken to mean -convertible. When we write a term, it actually represents an equivalence class of terms. A term is called a higher-order pattern (or simply pattern) if every occurrence of a free variable h appears in a subterm of the form hx 1 : : : x n where n 0 and x 1 ; : : :; x n are distinct bound variables. In Miller [10], it is shown that 2

3 unication of patterns, called 0 -unication, is decidable and that for any two uniable patterns, a most general unier can be computed. To dene L formulas, we extend the notion of terms. We assume o is a member of the set of primitive types. A predicate p is a constant of type 1!! n! o where 1 ; : : :; n do not contain o. The logical constants are given the following types: ^ (conjunction) and (implication) are both of type o! o! o; and 8 (universal quantication) is of type (! o)! o, for all types not containing o. The logical constants ^ and are written in the familiar inx form. A formula is either atomic or non-atomic. An atomic formula is of the form (pt 1 : : :t n ), where p is a predicate and t 1 ; : : :; t n are terms of the types 1 ; : : :; n, respectively. Non-atomic formulas are of the form B 1 ^ B 2, B 1 B 2, or 8 (x B), where B; B 1, and B 2 are formulas and is a type not containing o. The expression 8 (x B) is written 8 x B or simply as 8x B when types can be inferred from context. The formula 8x 1 : : :8x n B, n 0 is also written 8x n B. We dene two sets of L formulas, called D and G, by placing restrictions on variables bound by quantication. These restrictions are similar to the one above on variables bound by -abstraction in patterns. A variable occurrence z in a formula is said to be positive (negative) if it is bound by a positive (negative) occurrence of a universal quantier. A variable occurrence is -bound if it is bound by a -abstraction. A formula is in D (respectively G) if every positive (respectively negative) variable occurrence z appears in a subterm of the form zx 1 : : : x n where n 0 and x 1 ; : : :; x n are distinct either negative (respectively positive) variable occurrences or -bound variable occurrences bound within the scope of the binding for z. We call this restriction on z the head restriction. In addition, we require that formulas in D and G are closed. A formula in D or G is called, respectively, a D-formula or a G-formula. Provability for L can be given in terms of sequent calculus proofs. A sequent is a pair! G, where G is a G-formula, and is a nite (possibly empty) sets of D-formulas. The set is this sequent's antecedent and G is its succedent. The expression B; denotes the set [fbg; this notation is used even if B 2. The inference rules for sequents are presented in Figure 1. The following provisos are also attached to the two inference rules for quantier introduction: in 8-R c is a constant of type not occurring free in the lower sequent, and in 8-L t is a term of type. A proof of the sequent! G is a nite tree constructed using these inference rules such that the root is labeled with! G and the leaves are labeled with initial sequents, that is, sequents 0! G 0 such that G The non-terminals in such a tree are instances of the inference gures in Figure 1. Since we do not have an inference gure for -conversion, we shall assume that in building a proof, two formulas are equal if they are -convertible. We extend L with equality, reducibility, join, and redex relations at primitive types by introducing four constants =,!, #, and!, respectively, of type!! o for every primitive type except o. Subscripts will be omitted when type information is not important or can be inferred from context. This 3

4 B; C;! G ^-L B ^ C;! G! B! C ^-R! B ^ C! B C;! G -L B C;! G B;! C -R! B C [t=x]b;! G 8-L 8 x B;! G! [c=x]b 8-R! 8 x B Fig. 1. Left and right introduction rules for L language will be called E, and has the additional inference rules in Figure 2. The rst four rules express reexivity, symmetry, transitivity, and congruence of equality. In the CONG rule, h is a variable or constant of arity n, and for i = 1; : : :; n, M i and N i are terms of arity m i. Also, the universally quantied variables in the premises must not occur free in the conclusion, and must be of the appropriate type for the terms in the premises to be well-formed. In addi-! M = M REFL! M = N SYM! N = M! M = P! P = N TRANS! M = N! 8x m1 (M 1 x m1 = N 1 x m1 )! 8x mn (M n x mn = N n x mn ) CONG! hm 1 : : :M n = hn 1 : : : N n! M! P! N! P JOIN! M # N Fig. 2. Rules for equality in E tion, E has corresponding REFL, TRANS, and CONG rules for the! relation. Finally, the last rule expresses the meaning of the join relation. There are no rules for the! relation. It will be used to express rewrite rules. We dene a set of formulas called G 0 that, unlike and G may contain free variables. A formula is in G 0 if all its constants are either logical connectives or one of the equality, reducibility, join, or redex predicates. In addition, we 4

5 place a head restriction on negative variable occurrences similar to that on G but we also extend it to free variables. In particular, every negative variable occurrence or free variable occurrence z must appear in a subterm of the form zx 1 : : : x n where n 0 and x 1 ; : : :; x n are distinct positive variable occurrences or -bound occurrences bound within the scope of the binding for z. A formula in G 0 is called a G-condition. Such formulas will be used to express conditions on rewrite rules. 3 Higher-Order Conditional Rewrite Systems A conditional equation is dened to be a triple G ) l = r such that G is a G-condition whose atomic formulas contain only the equality predicate, l and r are patterns having the same primitive type, l is not a free variable, and all free variables in r also occur in l or G. We say that an occurrence of a free variable in a G-condition is in reduced-term position if it occurs in an atomic formula on the right hand side of a binary relation and the atomic formula is on the right hand side of an even number of implications. A conditional rewrite rule is dened to be a triple G ) l! r such that all the atomic formulas of the G-condition G contain only reducibility, join, and redex predicates, l and r are patterns having the same primitive type, l is not a free variable, and all free variables in r also occur in l or have occurrences in reduced-term position in G. A Higher-Order Conditional Rewrite System (HCRS) is a nite set of conditional rewrite rules. In Nipkow [12] and Felty [5], higher-order rewrite rules without conditions are dened using patterns on the left hand side and arbitrary -terms on the right. The specication of such rewrite systems in a metalanguage slightly more general than L is discussed in [5]. This notion of higher-order rewriting extends the usual notion of rst-order term rewriting. Conditional rewrite rules as dened here extend rst-order conditional rewrite rules (as dened in Dershowitz et. al. [3], for example) in an analogous way. In rst-order rewrite rules, the condition G is often dened to be a conjunction of atomic formulas using equality or one of the reducibility predicates. Thus, our denition extends the denition by allowing an arbitrary formula from G 0. For higher-order rewrite rules without conditions, the fact that unication of patterns is decidable guarantees that the rewrite relation is decidable. Conditional rewriting, even in the rst-order case is more complicated and not always decidable, and thus will not be decidable in our case either. Note that we do, however, retain the property that it is decidable whether a given term matches a left hand side of a rewrite rule. In writing rewrite rules, we adopt the convention that tokens beginning with upper case initial letters are free variables. Tokens that begin with lower case letters other than those bound by are constants. To illustrate, we consider an example which expresses evaluation in a simple functional programming language consisting of primitive datatypes for booleans and natural numbers, a conditional statement, constructs for lists, function 5

6 abstraction, application, a x point operator, and the let operator as in ML. We introduce a primitive type tm for terms of this functional language and introduce the constants shown with their types in Figure 3 to represent the constructs of the language. We will write and < as inx operators. Clearly not all terms of true : tm nil : tm false : tm cons : tm! tm! tm if : tm! tm! tm! tm hd : tm! tm 0 : tm tl : tm! tm s : tm! tm empty : tm! tm < : tm! tm! tm app : tm! tm! tm : tm! tm! tm abs : (tm! tm)! tm gcd : tm! tm! tm let : (tm! tm)! tm! tm fix : (tm! tm)! tm Fig. 3. Constants for Representing Functional Programs type tm correspond to valid programs. Some form of type checking is needed. We only discuss evaluation here and assume terms to be evaluated correspond to valid programs. The rewrite rules expressing evaluation are given in Figure 4. Evaluation in the rst-order fragment of this language is given by all but the last M < M! false M < (s M)! true (s M) < M! false (s M) < (s N)! M < N (s M) (s N)! M N 0 M! 0 M 0! M (N < M! true) ) (gcd M N! gcd (M N) N) (M < N! true) ) (gcd M N! gcd M (N M)) gcd M M! M if true M N! M if false M N! N hd (cons M N)! M tl (cons M N)! N empty nil! true empty (cons M N)! false abs x:(app M x)! M 8x:((x! N) (Mx! P )) ) (app (abs M) N! P ) 8x:((x! N) (Mx! P )) ) (let M N! P ) 8x:((x! (fix M)) (Mx! P )) ) (fix M! P ) Fig. 4. Rewrite Rules Expressing Evaluation in a Simple Functional Language four rules. These rules are straightforward and it is easy to see that they satisfy the necessary constraints. The left and right hand sides are patterns since none 6

7 of the free variables are applied to any arguments, and the two conditions are G-conditions. Now consider the last four rules. The two constants app and abs are used to code function application and abstraction. The rst rule species -reduction of -terms. On the left hand side, the bound variable x will not occur in instances of M as is required by the -rule: any instance of M containing x would cause the variable x in the above rule to be renamed to avoid variable capture. The second rule species -conversion. A term of the form (app (abs M) N) is a -redex whose reduced form is P as long as the condition on the left is satised. This condition states that for an arbitrary x, under the addition of the rewrite rule that rewrites x to N, it must be the case that Mx reduces to P. Note that instances of P cannot contain free occurrences of the variable x bound by universal quantication for the same reason as stated above for M. Thus all occurrences of x in Mx must be rewritten to N in order for this condition to succeed. The let construct corresponds to a let statement in ML. In a term of the form (let M N), it is intended that the bound variable at the head of M will be assigned the value N in the body. In other words, this term is an abbreviation for the application M N. This reduction is expressed by the third rule above and is similar to the rule for -reduction. The rule which expresses the unfolding of a xpoint operator is also similar, but here x rewrites to (fix M). It is easy to see that the left and right hand sides of the above four rules are patterns, since there are no arguments to any of the free variables. In the conditions, the free variable M is applied to x which is bound by a positive occurrence of a universal quantier. In the latter three rules, although P occurs on the right but not on the left of the rewrite rule, it occurs in reduced-term postition in the condition. Thus these conditions are G-conditions, and all four rules are valid conditional rewrite rules. Note that as a rewrite system, these rules express non-deterministic evaluation. Nothing about order of evaluation in specied. In Felty [5], we show how to implement various rewriting strategies in the Prolog logic programming language. Such strategies, when given these rewrite rules as a parameter, correspond to various strategies for evaluating functional programs. 4 An Interpreter for L In the next section, we will talk about specifying higher-order conditional rewrite systems in L. We will discuss the operational reading of these specications with respect to a logic programming interpreter for L and provide some insight into implementation. We provide a high-level description of this interpreter here. A denite clause is a D-formula of L, and a program is a set of denite clauses. A goal is a G-formula. From properties about L presented in Miller [10], a sound and complete (with respect to intuitionistic logic) non-deterministic interpreter can be described by the following search operations. Here, the inter- 7

8 preter is attempting to determine if the goal formula G follows from the program. AND: If G is G 1 ^ G 2 then try to show that both G 1 and G 2 follow from. AUGMENT: If G is D G 0 then add D to the current program and try to show G 0. GENERIC: If G is 8 xg 0 show [c=x]g 0. then pick a new constant c of type and try to BACKCHAIN: If G is atomic, we consider the current program. If there is a universal instance of a denite clause which is convertible to G then we are done. If there is a denite clause with a universal instance of the form G 0 G then try to show G 0 follows from. If neither case holds then G does not follow from. An implementation of an interpreter must make many choices which are left unspecied in the high-level description above. We discuss a few of the choices made by the logic programming language Prolog, which contains an implementation of L. First, the order in which conjuncts and disjuncts are attempted and the order for backchaining over denite clauses is determined exactly as in conventional Prolog systems: conjuncts and disjuncts are attempted in the order they are presented. Denite clauses are backchained over in the order they are listed in using a depth-rst search paradigm to handle failures. Logic variables as in Prolog are used in forming a universal instance in the BACKCHAIN operation. These variables can later be instantiated through unication. In this case, it is 0 -unication that is required. The presence of logical variables in an implementation also requires that GENERIC be implemented slightly dierently than is described above. In particular, if the goal 8 xg 0 contains logical variables, the new constant c must not appear in the terms eventually instantiated for the logical variables which appear in G 0 or in the current program. Any implementation must take this constraint into account. 5 Specifying Rewrite Systems In this section, we discuss the specication of higher-order rewrite systems in L. Unlike E, L does not have the equality, reducibility, join, and redex relations or the inference rules for them as primitives. Here, we introduce constants for these relations and provide program clauses to specify the inference rules. We will assume that all terms from a given object language contain only constants from a xed signature, say, which at least includes all of the constants in the rewrite rules. As an example, we take as a signature the set of constants declared in Figure 3 and illustrate the specication of the rewrite system for evaluation given in Figure 4. 8

9 To specify rewriting at a particular primitive type, we introduce the inx relations =,!, #, and! to serve as predicates of type!! o. Our specication will be a set of denite clauses from which we can attempt to prove goals representing rewriting queries. The specication of rewrite rules as clauses is straightforward: we replace the rewriting relations of E with the new rewriting predicates, we replace ) with, and we take the universal closure over the free variables of the rewrite rule, including those in the condition. To illustrate, the three clauses below specify a rst-order rule without and with a condition, and a higher-order rule with a condition. All subscripts on the reducibility and redex relation should be tm. We omit them for readability. 8M8N ((s M) < (s N)! M < N) 8M8N((N < M! true) (gcd M N! gcd (M N) N)) 8N8M8P (8x:((x! N) (Mx! P )) (app (abs M) N! P )) Note that we do in fact obtain D-formulas by simply taking the universal closure at the top level. Any free variable occurrence in the rewrite rule becomes a positive variable occurrence in the closure. In the condition, both negative and free variable occurrences become positive variable occurrences in the closure. As a formula in G 0, it was the negative and free variables that had to satisfy the head restriction, while in a D-formula, it is the positive occurrences that must satisfy this restriction. Generally, in executing rewrite goals, we will often have a closed term on the left of the arrow and a variable on the right to be instantiated with the result of the rewrite. In using the rst clause for example, M and N will be replaced with logic variables which get instantiated by matching the left hand side of the query with the pattern (s M) < (s N). When the second clause is used in backchaining, we will then have to solve the subgoal specifying the condition. Note that if M and N are instantiated by the backchain operation, the terms on both the left and right of this subgoal will be instantiated. Backchaining on the third clause will provide instances of M and N. The subgoal that must be proved is slightly more complex. First, a GENERIC search operation will be applied to generate a new constant, say c, for x. Then the AUGMENT operation will add a clause stating that this constant c rewrites to the given instance of N. Then, in this new context, it must be shown that Mc rewrites to some term instantiating P. By the restriction on the GENERIC operation, this term cannot contain c, thus the rewrite rule for c must be applied for every instance of c, replacing each one by N. For readability, in the remainder of this and the next sections, we will often leave o outermost universal quantication, and assume universal closure over all variables written as tokens with initial upper case letters. To specify congruence, we introduce a D-formula for each constant in. These D-formulas have the same form as those for rewrite rules with conditions. For example, the following two formulas are included for the app and abs 9

10 constants. (M! P ) ^ (N! Q) (app M N! app P Q) 8x((x! x) (Mx! Nx)) (abs M! abs N) The clause for abs states that an abstraction (abs M) rewrites to (abs N) if for arbitrary x such that x rewrites to itself, Mx reduces to Nx. Operationally, in trying to solve a goal of the form (abs M 0! abs N 0 ) where, say, M 0 is a closed term and N 0 a logic variable, we can use this clause to descend through the abstraction in M 0. The GENERIC operation will generate a new meta-level signature item, say c, and the AUGMENT operation will add the atomic formula (c! c). This can be viewed as the dynamic addition of a new constant to the object-level signature and a reexive rule for it. Then, -reduction at the meta-level of M 0 c performs the substitution of the new item c for the outermost bound variable in M 0. In eect, the new signature item plays the role of the name of the object level bound variable. The atomic clause (c! c) can be used during the search for a term N 0 c that is reachable by some number of rewrite steps from M 0 c. N 0 is the abstraction not containing c. A congruence rule for a new constant of functional type is more complex. For example, if we had a function constant h whose type is ((tm! tm)! tm)! tm, its corresponding congruence clause would be: 8f(8P 8Q((P! Q) (fp! fq)) (Mf! Nf)) (h M! h N) Operationally, after backchaining on the above clause, instead of an atomic clause, the clause (P! Q) (fp! fq) would be dynamically added by AUGMENT, serving as new congruence rule for the new function constant f. We can in fact dene a general function for specifying congruence rules for a particular signature. For signature item a of type, [[a; a : ]] yields the necessary congruence rule. ( M [[M; N : ]]! N if is a primitive type = 8x8y([[x; y : 1 ]] + [[Mx; Ny : 2 ]] ) if is 1! 2 ( [[M; N : ]] + M! = N if is a primitive type 8x([[x; x : 1 ]] [[Mx; Nx : 2 ]] + ) if is 1! 2 These functions are a (corrected) version of those used by Miller [11] to specify equality and substitution for simply typed -terms and are similar to those used by Felty [4] to code a dependent typed -calculus in a higher-order intuitionistic logic. The remaining rules of Figure 2 are specied in a straightforward manner, by including the following clauses at each primitive type. (M! P ) ^ (P! N) (M! N) (M # P ) ^ (N # P ) (M! N) (M! N) (M = N) (M! N) (N = M) 10

11 Note that we do not include a clause specifying reexivity. We do not need one when we include \reexivity" clauses (a! a) for each constant a of primitive type in the signature. To rewrite a term to itself, congruence rules must be used to descend through the entire term, applying reexivity rules for constants at the leaves. For eciency reasons, we may want to include a reexive rule 8M(M! M). It can be used to prove the equivalence of two arbitrary terms of primitive type in a single step. An advantage of the former approach is that it can also be used to verify that a term is well-formed in a particular signature. 6 Some Concluding Remarks As stated earlier, the formulation of rewrite rules in Nipkow [12] and Felty [5] is slightly dierent than that given here. There are no conditions and right hand sides are not restricted to be patterns. If terms are always matched against left hand sides, decidability of the rewrite relation is not aected. In this setting, the last three rules in Figure 4 can be expressed more directly, and perhaps more naturally, as follows. app (abs M) N! MN fix M! M (fix M) let M N! MN In applying one of these rules, instead of having to satisfy a condition which adds a rewrite rule for some new constant c, and must then reduce the term Mc in a new context, application of -terms is used to directly substitute the appropriate term for the bound variable in M. In that setting, a logic programming language with unication more powerful than 0 -unication is needed, such as Prolog. Any rewrite system expressible in the more general setting can in fact be expressed as conditional rewrite rules as dened here. A function can be dened to translate rules with arbitrary -terms on the right to conditional rules with patterns on the right. Such a function is dened by induction over types in a manner similar to the one in the previous section for generating congruence clauses. Within theorem proving systems, capabilities for higher-order rewriting can provide a useful tool for the manipulation of formulas and programs. In [5], we illustrate how to integrate a general component for higher-order term rewriting into a tactic style theorem prover. The implementation discussed there builds on the logic programming implementation of tactic style theorem provers presented in Felty [6], and provides a setting for implementing both general and specic rewriting strategies. These techniques can be easily extended to conditional rewriting. References 1. Peter Aczel. A general church-rosser theorem. Technical report, University of Manchester,

12 2. J. A. Bergstra and J. W. Klop. Conditional rewrite rules: Conuence and termination. Journal of Computer and System Sciences, 32:323{362, N. Dershowitz, M. Okada, and G. Sivakumar. Conuence of conditional rewrite systems. In S. Kaplan and J.-P. Jouannaud, editors, Proceedings of the First International Workshop on Conditional Term Rewriting Systems, pages 31{44. Springer- Verlag Lecture Notes in Computer Science, Amy Felty. Encoding dependent types in an intuitionistic logic. In Gerard Huet and Gordon Plotkin, editors, Logical Frameworks, pages 215{251. Cambridge University Press, Amy Felty. A logic programming approach to implementing higher-order term rewriting. In Lars-Henrik Eriksson, Lars Hallnas, and Peter Schroeder-Heister, editors, Proceedings of the January 1991 Workshop on Extensions to Logic Programming, pages 135{161. Springer-Verlag Lecture Notes in Articial Intelligence, Amy Felty. Implementing tactics and tacticals in a higher-order logic programming language. Journal of Automated Reasoning, To appear. 7. J. Roger Hindley and Jonathan P. Seldin. Introduction to Combinatory Logic and Lambda Calculus. Cambridge University Press, Stephane Kaplan. Conditional rewrite rules. Theoretical Computer Science, 33:175{193, J. W. Klop. Combinatory reduction systems. Technical Report Mathematical Centre Tracts Nr.127, Centre for Mathematics and Computer Science, Amsterdam, Dale Miller. A logic programming language with lambda-abstraction, function variables, and simple unication. Journal of Logic and Computation, 1(4):497{ 536, Dale Miller. Unication of simply typed lambda-terms as logic programming. In Eighth International Logic Programming Conference, Paris, France, June MIT Press. 12. Tobias Nipkow. Higher-order critical pairs. In Sixth Annual Symposium on Logic in Computer Science, pages 342{349, Amsterdam, July